Question No: 31 – (Topic 7)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

The problem here is that VLAN 10 is not configured on the proper interfaces on switch ASW1.

Question No: 32 – (Topic 7)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

The fault condition is related to switch technology?

NTP

Switch-to-Switch Connectivity

Loop Prevention

Access Vlans

VLAN ACL Port ACL

Switch Virtual Interface

Port Security

Answer: D Explanation:

The problem here is that VLAN 10 is not configured on the proper interfaces on switch ASW1.

Question No: 33 – (Topic 7)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

What is the solution to the fault condition?

R1

R2

R3

R4

DSW1

DSW2

ASW1

ASW2

Answer: G Explanation:

The problem here is that VLAN 10 is not configured on the proper interfaces on switch ASW1.

The company has created the test bed shown in the layer 2 and layer 3 topology exhibits. This network consists of four routers, two layer 3 switches and two layer 2 switches.

In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.

DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.

R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP’s network. Because the company’s address space is in the private range. R1 is also providing NAT translations between the inside (10.1.0.0/16 amp; 10.2.0.0/16) networks and outside (209.65.0.0/24) network.

ASW1 and ASW2 are layer 2 switches.

NTP is enabled on all devices with 209.65.200.226 serving as the master clock source. The client workstations receive their IP address and default gateway via R4’s DHCP server.

The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.

In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.

DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.

The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.

Recently the implementation group has been using the test bed to do a ‘proof-of-concept’ on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.

Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.

Each ticket has 3 sub questions that need to be answered amp; topology remains same. Question-1 Fault is found on which device,

Question-2 Fault condition is related to,

Question-3 What exact problem is seen amp; what needs to be done for solution

=====================================================================

==========

Client is unable to ping IP 209.65.200.241

Solution

Steps need to follow as below:-

-> When we check on client 1 amp; Client 2 desktop we are not receiving DHCP address from R4

Ipconfig — Client will be receiving IP address 10.2.1.3

-> IP 10.2.1.3 will be able to ping from R4 , R3, R2 but not from R1

-> Check for neighborship of ospf

sh ip ospf nei — Only one neighborship is forming with R2 amp; i.e. with R3

Since R2 is connected to R1 amp; R3 with routing protocol ospf than there should be 2 neighbors seen but only one is seen

Question No: 34 – (Topic 8)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241

address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

The fault condition is related to which technology?

BGP

NTP

IP NAT

IPv4 OSPF Routing

IPv4 OSPF Redistribution

IPv6 OSPF Routing

IPv4 layer 3 security

Answer: D Explanation:

On R1, for IPV4 authentication of OSPF the command is missing and required to configure-

— ip ospf authentication message-digest

Question No: 35 – (Topic 8)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

What is the solution to the fault condition?

Enable OSPF routing on the s0/0/0 interface using the network 10.1.1.0 0.0.0.255 area 12 command.

Enable OSPF routing on the s0/0/0 interface using the network 209.65.200.0 0.0.0.255

area 12 command.

Redistribute the BGP route into OSPF using the redistribute BGP 65001 subnet command.

Answer: A Explanation:

On R1, for IPV4 authentication of OSPF the command is missing and required to configure-

— ip ospf authentication message-digest

Question No: 36 – (Topic 8)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

On which device is the fault condition located?

R1

R2

R3

R4

DSW1

DSW2

ASW1

ASW2

Answer: A Explanation:

On R1, for IPV4 authentication of OSPF the command is missing and required to configure-

The company has created the test bed shown in the layer 2 and layer 3 topology exhibits. This network consists of four routers, two layer 3 switches and two layer 2 switches.

In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.

DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.

R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP’s network. Because the company’s address space is in the private range. R1 is also providing NAT translations between the inside (10.1.0.0/16 amp; 10.2.0.0/16) networks and outside (209.65.0.0/24) network.

ASW1 and ASW2 are layer 2 switches.

NTP is enabled on all devices with 209.65.200.226 serving as the master clock source. The client workstations receive their IP address and default gateway via R4’s DHCP server.

The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.

In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.

DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.

The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.

Recently the implementation group has been using the test bed to do a ‘proof-of-concept’ on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.

Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.

Each ticket has 3 sub questions that need to be answered amp; topology remains same. Question-1 Fault is found on which device,

Question-2 Fault condition is related to,

Question-3 What exact problem is seen amp; what needs to be done for solution

Client is unable to ping IP 209.65.200.241

Solution

Steps need to follow as below:-

-> When we check on client 1 amp; Client 2 desktop we are not receiving DHCP address

Question No: 37 – (Topic 9)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241

address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

Question No: 38 – (Topic 9)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

What is the solution to the fault condition?

Under the BGP process, enter the bgp redistribute-internal command.

Under the BGP process, bgp confederation identifier 65001command.

Deleted the current BGP process and reenter all of the command using 65002 as the AS number.

Question No: 39 – (Topic 9)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

The company has created the test bed shown in the layer 2 and layer 3 topology exhibits. This network consists of four routers, two layer 3 switches and two layer 2 switches.

In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.

DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.

R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP’s network. Because the company’s address space is in the private range. R1 is also providing NAT translations between the inside (10.1.0.0/16 amp; 10.2.0.0/16) networks and outside (209.65.0.0/24) network.

ASW1 and ASW2 are layer 2 switches.

NTP is enabled on all devices with 209.65.200.226 serving as the master clock source. The client workstations receive their IP address and default gateway via R4’s DHCP server.

The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.

In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.

DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.

The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.

Recently the implementation group has been using the test bed to do a ‘proof-of-concept’ on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.

Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.

Each ticket has 3 sub questions that need to be answered amp; topology remains same. Question-1 Fault is found on which device,

Question-2 Fault condition is related to,

Question-3 What exact problem is seen amp; what needs to be done for solution

Client is unable to ping IP 209.65.200.241

Solution

Steps need to follow as below:-

-> When we check on client 1 amp; Client 2 desktop we are not receiving DHCP address

from R4

Ipconfig — Client will be receiving IP address 10.2.1.3

-> IP 10.2.1.3 will be able to ping from R4 , R3, R2, R1

-> Look for BGP Neighbourship

Sh ip bgp summary — State of BGP will be in established state amp; will be able to receive I prefix (209.65.200.241)

-> As per troubleshooting we are able to ping ip 10.2.1.3 from R1 amp; BGP is also receiving prefix of webserver amp; we are able to ping the same from R1. Further troubleshooting needs to be done on R1 on serial 0/0/1

-> Check for running config. i.e sh run for interface serial 0/0/1..

!

!

From above snapshot we are able to see that IP needs to be PAT to serial 0/0/1 to reach web server IP

(209.65.200.241). But in access-list of NAT IP allowed IP is 10.1.0.0/16 is allowed amp; need

10.2.0.0 /16 to

-> As per troubleshooting we are able to ping ip 10.2.1.3 from R1 amp; BGP is also receiving prefix of web server amp; we are able to ping the same from R1. Its should be checked further for running config of interface for stopping

-> Change required: On R1 we need to add the client IP address for reachability to server to the access list that is used to specify which hosts get NATed.

Question No: 40 – (Topic 10)

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services,